From 479e11d7d3a73c3ea25effcbb42e1527bd59049d Mon Sep 17 00:00:00 2001
From: Anton Khirnov <anton@khirnov.net>
Date: Sun, 26 Jun 2022 12:12:27 +0200
Subject: Do not expect the reuquest to be form-encoded.

Just store the request payload as-is. Allows simplifying uploaders.
---
 fhost.py | 24 +++++++++---------------
 1 file changed, 9 insertions(+), 15 deletions(-)

diff --git a/fhost.py b/fhost.py
index 9910773..7e7ac60 100755
--- a/fhost.py
+++ b/fhost.py
@@ -156,12 +156,11 @@ def in_upload_bl(addr):
 
     return False
 
-def store_file(f, addr):
+def store_file(r, addr):
     if in_upload_bl(addr):
         return "Your host is blocked from uploading files.\n", 451
 
-    data = f.stream.read()
-    digest = sha256(data).hexdigest()
+    digest = sha256(r.data).hexdigest()
     existing = File.query.filter_by(sha256=digest).first()
 
     if existing:
@@ -172,7 +171,7 @@ def store_file(f, addr):
 
         if not os.path.exists(epath):
             with open(epath, "wb") as of:
-                of.write(data)
+                of.write(r.data)
 
         if existing.nsfw_score == None:
             if app.config["NSFW_DETECT"]:
@@ -184,12 +183,12 @@ def store_file(f, addr):
 
         return existing.geturl()
     else:
-        guessmime = mimedetect.from_buffer(data)
+        guessmime = mimedetect.from_buffer(r.data)
 
-        if not f.content_type or not "/" in f.content_type or f.content_type == "application/octet-stream":
+        if not r.content_type or not "/" in r.content_type or r.content_type == "application/octet-stream":
             mime = guessmime
         else:
-            mime = f.content_type
+            mime = r.content_type
 
         if mime in app.config["FHOST_MIME_BLACKLIST"] or guessmime in app.config["FHOST_MIME_BLACKLIST"]:
             abort(415)
@@ -197,7 +196,7 @@ def store_file(f, addr):
         if mime.startswith("text/") and not "charset" in mime:
             mime += "; charset=utf-8"
 
-        ext = os.path.splitext(f.filename)[1]
+        ext = os.path.splitext(r.base_url)[1]
 
         if not ext:
             gmime = mime.split(";")[0]
@@ -215,7 +214,7 @@ def store_file(f, addr):
         spath = getpath(digest)
 
         with open(spath, "wb") as of:
-            of.write(data)
+            of.write(r.data)
 
         if app.config["NSFW_DETECT"]:
             nsfw_score = nsfw.detect(spath)
@@ -287,12 +286,7 @@ def dump_urls(start=0):
 @app.route("/", methods=["GET", "POST"])
 def fhost():
     if request.method == "POST":
-        sf = None
-
-        if "file" in request.files:
-            return store_file(request.files["file"], request.remote_addr)
-
-        abort(400)
+        return store_file(request, request.remote_addr)
     else:
         return "Nothing to see here"
 
-- 
cgit v1.2.3